CVE-2025-1958 | aaluoxiang oa_system 1.0 address-mapper.xml outtype sql injection

Inserito da Angelo Barbosa | Mar 4, 2025 | CVE

A vulnerability, which was classified as critical, has been found in aaluoxiang oa_system 1.0. This issue affects some unknown processing of the file src/main/resources/mappers/address-mapper.xml. The manipulation of the argument outtype leads to sql injection.

The identification of this vulnerability is CVE-2025-1958. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-1958 | aaluoxiang oa_system 1.0 address-mapper.xml outtype sql injection

Post correlati

CVE-2023-49411 | Tenda W30E 16.01.0.12(4843) formDeleteMeshNode stack-based overflow

CVE-2024-31860 | Apache Zeppelin up to 0.10.x path traversal

CVE-2024-50339 | GLPI up to 10.0.16 cross site scripting

CVE-2024-36790 | Netgear WNR614/N300 cleartext storage